Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

Another case is you e-mail account is compromised, and DKIM/DMARC are helpless again. Actually, you probably do not need to spoof the e-mail address and can attack with random From:, because message is decoded regardless of address in the From: and this attack does not require sender's signature

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

> On May 18, 2018, at 7:09 AM, Vladimir Dubrovin wrote: > > > EFAIL exploitation requires MitM conditions. Neither DKIM nor DMARC protect > against attacker able to perform MitM. > It just requires the attacker to have a copy of the encrypted mail. Passive mitm is

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

EFAIL exploitation requires MitM conditions. Neither DKIM nor DMARC protect against attacker able to perform MitM. 15.05.2018 17:15, Kurt Andersen пишет: > Manipulating MIME structures in email messages to expose the encrypted > content: https://efail.de/ > > --Kurt > > >

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

On 05/15/2018 10:46 AM, Kurt Andersen (b) wrote: People who run their GUI MUA to auto-decrypt and display undefanged HTML probably also run that client as root so the exploit is really quite a lot more risky than even the hype has made out. I doubt that. I'm sure that some of the people that

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

On 05/15/2018 10:33 AM, Paul Rock wrote: You're tapping next next next in your email client, the client loads my message, sends me the decrypted text, and you scratch your head wondering why you got two copies of the message. The recipient shouldn't see the second copy of the decrypted

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

On 05/15/2018 10:09 AM, John Levine wrote: I suppose, for the 10 seconds from the time the message is created until the attacker's MTA signs it on the way out. The bad guy can put a return address he controls on the malicious message and make the whole thing DMARC compliant. There is a much

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

If someone tries some sort of man in the middle inline injection attack to pull this off, sure, I can see DKIM catching that. But the really really nasty bit is the assumption is that you (the target) are running an email client that automatically decrypts any inbound message and render's the HTML

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

In article <66d513ca-f33d-748b-e394-bceb6e1da...@spamtrap.tnetconsulting.net> you write: >-=-=-=-=-=- > >On 05/15/2018 08:15 AM, Kurt Andersen wrote: >> Manipulating MIME structures in email messages to expose the encrypted >> content: https://efail.de/ > >DKIM will not help protect against

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

On 05/15/2018 08:15 AM, Kurt Andersen wrote: Manipulating MIME structures in email messages to expose the encrypted content: https://efail.de/ DKIM will not help protect against #Efail. Efail works by copying ciphertext into a new message and arranging for the client to decrypt it. Said new

Re: [dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

> On May 15, 2018, at 7:15 AM, Kurt Andersen wrote: > > Manipulating MIME structures in email messages to expose the encrypted > content: https://efail.de/ While I'd agree that the whole efail thing is a little over-hyped, I don't see where in the exploit process having

[dmarc-ietf] Too bad that the EFAIL victims never heard of DKIM/DMARC

Manipulating MIME structures in email messages to expose the encrypted content: https://efail.de/ --Kurt ___ dmarc mailing list dmarc@ietf.org https://www.ietf.org/mailman/listinfo/dmarc